Mail Thread Index
- Cisco Security Advisory: Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Catalyst 6000, 6500 and Cisco 7600 Series MPLS Packet Vulnerability,
Cisco Systems Product Security Incident Response Team
- RE: MSIE7 browser entrapment vulnerability (probably Firefox, too),
perpetualmotionuk
- Re: Xbox 360 Hypervisor Privilege Escalation Vulnerability,
gera
- Evading the Norman SandBox Analyzer,
Arne Vidstrom
- [USN-428-1] Firefox vulnerabilities,
Martin Pitt
- [CAID 35112]: CA eTrust Intrusion Detection Denial of Service Vulnerability,
Williams, James K
- [ MDKSA-2007:050 ] - Updated Firefox packages fix multiple vulnerabilities,
security
- Full disclosure: Directory Transversal and Arbitrary Code Execution Vulnerability in SQL-Ledger and LedgerSMB,
Chris Travers
- [ MDKSA-2007:051 ] - Updated snort packages fix DoS vulnerability,
security
- [USN-416-2] nvidia-glx-config regression,
Martin Pitt
- Comodo Bypassing settings protection using magic pipe Vulnerability,
Matousec - Transparent security Research
- Angel LMS 7.1 - Remote SQL Injection,
Guns
- Serendipity unauthenticated SQL-Injection,
SaMuschie
- Built2Go v.1.0 => ( news.php & rating.php ) Cross Site Scripting,
the_3dit0r
- aWebNews v 1.1=>RFI,
mostafa_ragab
- Re: ProFTPD 1.3.0/1.3.0a (mod_ctrls support) Local Buffer Overflow Exploit,
revenge
- WB News Remote File Include in all versions,
mostafa_ragab
- LayerOne 2007 - Call for Papers and Pre-Registration,
Layer One
- aWebNews V 1.1,
mostafa_ragab
- [ GLSA 200703-01 ] Snort: Remote execution of arbitrary code,
Raphael Marichez
- [ GLSA 200703-02 ] SpamAssassin: Long URI Denial of Service,
Raphael Marichez
- SPAW Editor PHP Edition,
RaeD Hasadya
- [USN-428-2] Firefox regression,
Kees Cook
- [ GLSA 200703-03 ] ClamAV: Denial of Service,
Raphael Marichez
- vBulletin v3.6.5 admincp/index.php ( rss feed ) xss vuln.,
meto5757
- ZDI-07-008: Apache Tomcat JK Web Server Connector Long URL Stack Overflow Vulnerability,
zdi-disclosures
- Woltlab Burning Board (wbb) 2.3.6 CSRF/XSS - 0day,
SaMuschie
- Re: Re: WordPress Search Function SQL-Injection,
none
- iDefense Security Advisory 03.02.07: Kaspersky AntiVirus UPX File Decompression DoS Vulnerability,
iDefense Labs
- Remote File Include In DBImageGallery,
RaeD Hasadya
- Limited format string in Netrek 2.12.0,
Luigi Auriemma
- [ MDKSA-2007:050-1 ] - Updated Firefox packages fix multiple vulnerabilities,
security
- WordPress source code compromised to enable remote code execution,
ifsecure
- webSPELL <= 4.01.02 Remote PHP Code Execution Exploit,
gmdarkfig
- rPSA-2007-0048-1 tcpdump,
rPath Update Announcements
- [ GLSA 200703-04 ] Mozilla Firefox: Multiple vulnerabilities,
Raphael Marichez
- Tyger Bug Tracking System Multiple Vulnerability,
corrado . liotta
- BJ Webring XSS,
sn0oPy . team
- rPSA-2007-0040-3 firefox thunderbird,
rPath Update Announcements
- [Fwd: Re: Angel LMS 7.1 - Remote SQL Injection],
don bailey
- Re: VMware Workstation multiple denial of service and isolation manipulation vulnerabilities,
emptysands
- ERRATA: [ GLSA 200703-01 ] Snort: Remote execution of arbitrary code,
Raphael Marichez
- [ GLSA 200703-05 ] Mozilla Suite: Multiple vulnerabilities,
Raphael Marichez
- [ GLSA 200703-06 ] AMD64 x86 emulation Qt library: Integer overflow,
Raphael Marichez
- [SECURITY] [DSA 1262-1] New gnomemeeting packages fix arbitrary code execution,
Moritz Muehlenhoff
- Show Password Admin In Script Uploadscript,
RaeD Hasadya
- ePortfolio version 1.0 Java Multiple Input Validation Vulnerabilities,
Stefan Friedli
- Konqueror DoS Via JavaScript Read Of FTP Iframe,
mark
- Extending JavaScript Portscanning to Include Banner Grabbing,
mark
- XXS in script Phorum,
RaeD Hasadya
- Sava's GuestBook Multiple Vulnerabilities,
bugtraq
- LI-Guestbook SQL Injection Vulnerability,
bugtraq
- Arbitrary file disclosure vulnerability in rrdbrowse <= 1.6,
Sebastian Wolfgarten
- HITBSecConf2007 - Malaysia: Call for Papers now Open,
Praburaajan
- XSS Remote In vCard 2.6 (c)2002,
RaeD Hasadya
- Wordpress <= v2.1.0,
ciri
- DoS and code execution issue in LedgerSMB < 1.1.5 and SQL-Ledger < 2.6.25,
Chris Travers
- CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability,
CORE Security Technologies Advisories
- iDefense Security Advisory 03.05.07: Apple QuickTime Color Table ID Heap Corruption Vulnerability,
iDefense Labs
- Apple QuickTime Player Remote Heap Overflow,
Piotr Bania
- Call for Participation Chaos Communication Camp 2007,
fukami
- Apple QuickTime udta ATOM Integer Overflow,
Sowhat
- [security bulletin] HPSBUX02153 SSRT061181 rev.3 - HP-UX Running Firefox, Remote Unauthorized Access or Elevation of Privileges or Denial of Service (DoS),
security-alert
- [security bulletin] HPSBUX02195 SSRT061237 rev.1 - HP-UX Running Software Distributor (SD), Remote Denial of Service (DoS),
security-alert
- [Reversemode Advisory] Apple Quicktime Color ID remote heap corruption,
Reversemode
- PHP <= 4.4.6 mssql_connect() & mssql_pconnect() local buffer overflow and safe_mode bypass,
retrog
- Re: Tinyportal Shoutbox,
ichbin
- rPSA-2007-0050-1 kernel,
rPath Update Announcements
- [ GLSA 200703-07 ] STLport: Possible remote execution of arbitrary code,
Matthias Geerdsen
- [USN-429-1] tcpdump vulnerability,
Kees Cook
- [USN-430-1] mod_python vulnerability,
Kees Cook
- [SECURITY] [DSA 1263-1] New clamav packages fix denial of service,
Moritz Muehlenhoff
- [USN-431-1] Thunderbird vulnerabilities,
Kees Cook
- [ MDKSA-2007:052 ] - Updated Thunderbird packages fix multiple vulnerabilities,
security
- [ MDKSA-2007:053 ] - Updated util-linux packages address umount crash issue,
security
- Re: Drake CMS v0.3.2 < = RFi Vulnerabilities,
legolas558
- iDefense Security Advisory 03.07.07: Ipswitch IMail Server 2006 Multiple ActiveX Control Buffer Overflow Vulnerabilities,
iDefense Labs
- xss in phpmyadmin >=2.8.0 and < 2.10.0,
alfa
- Firekeeper - IDS for Firefox available,
Jan Wrobel
- month of PHP bugs, secondary message?,
Gadi Evron
- RPS 6.2 SQL Injection Exploit,
s0cratex
- ZDI-07-009: Novell Netmail WebAdmin Buffer Overflow Vulnerability,
zdi-disclosures
- ZDI-07-010: Apple Quicktime UDTA Parsing Heap Overflow Vulnerability,
zdi-disclosures
- [SECURITY] [DSA 1264-1] New php4 packages fix several vulnerabilities,
Moritz Muehlenhoff
- FLSA - foresight linux security announcements,
Jonathan Smith
- Lazarus Guestbook (admin.php)Remote File Include Expliot,
c_r_ck
- Buffer-overflow in Conquest client 8.2a (svn 691),
Luigi Auriemma
- rPSA-2007-0051-1 mod_python,
rPath Update Announcements
- rPSA-2007-0052-1 kdelibs,
rPath Update Announcements
- dynaliens v2.0/v2.1 bypass admin authentification + XSS,
sn0oPy . team
- Black Hat USA CFP Now Open!,
Jeff Moss
- Ann: Backtrack 2.0 released,
Thierry Zoller
- [USN-424-2] PHP regression,
Kees Cook
- [ MDKSA-2007:057 ] - Updated xine-lib packages to address buffer overflow vulnerability,
security
- [ MDKSA-2007:056 ] - Updated tcpdump packages address off-by-one overflow,
security
- PHP 4.4.6 crack_opendict() local buffer overflow poc exploit,
retrog
- [ MDKSA-2007:055 ] - Updated mplayer packages to address buffer overflow vulnerability,
security
- Word Press Sensitive Directory exposure (SQL),
r00t2000
- [ MDKSA-2007:054 ] - Updated kdelibs packages to address DoS issue in KDE Javascript,
security
- [USN-432-1] GnuPG vulnerability,
Kees Cook
- Microsoft Windows Vista/2003/XP/2000 file management security issues,
3APA3A
- PHP import_request_variables() arbitrary variable overwrite,
Stefano Di Paola
- [ECHO_ADV_67$2007] WEBO (Web Organizer) <= 1.0 (baseDir) Remote File Inclusion Vulnerability,
erdc
- [ MDKSA-2007:059 ] - Updated gnupg packages provide enhanced forgery detection,
security
- Buffer Overflow in Linux Drivers for Omnikey CardMan 4040 (CVE-2007-0005),
Daniel Roethlisberger
- [USN-434-1] Ekiga vulnerability,
Kees Cook
- TSLSA-2007-0009 - multi,
Trustix Security Advisor
- MS07-016 FTP Response DOS PoC,
Mathew Rowley
- XSS In Script deviantART,
RaeD Hasadya
- Re: Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability,
hugo
- Php Nuke POST XSS on steroids,
ascii
- SyScan'07 - Call for Paper - NEW UPDATES,
organiser@xxxxxxxxxx
- Sql injection in WordPress 2.1.2,
Omid
- [CAID 35145]: CA eTrust Admin Privilege Escalation Vulnerability,
Williams, James K
- Remote File Include In Script copyright (c) James Coyle; JCcorp,
RaeD Hasadya
- Re: [Full-disclosure] Microsoft Windows Vista/2003/XP/2000 file management security issues,
KJKHyperion
- Remote File Include In Script Coppermine Photo Gallery,
RaeD Hasadya
- SecurityFocus is turning seven. What's next? - OFFTOPIC - Please excuse the X-Post,
Alfred Huger
- SEC Consult SA-20070309-0 :: MySQL 5 Single Row Subselect Denial of Service,
research
- HC NEWSSYSTEM 1.0-4 (index.php "ID") Blind SQL Injection,
UniquE
- [ MDKSA-2007:058 ] - Updated ekiga packages fix string vulnerabilities.,
security
- [ MDKSA-2007:060 ] - Updated kernel packages fix multiple vulnerabilities and bugs,
security
- WordPress XSS under function wp_title(),
g30rg3_x
- Security bypass vulnerability in LedgerSMB and SQL-Ledger (fixes released today),
Chris Travers
- [ GLSA 200703-08 ] SeaMonkey: Multiple vulnerabilities,
Raphael Marichez
- wwwpaintboar(newsfile) Remote File Inclusion Vulnerability,
saw_xyz
- [USN-433-1] Xine vulnerability,
Kees Cook
- [ GLSA 200703-09 ] Smb4K: Multiple vulnerabilities,
Raphael Marichez
- [Argeniss] Practical 10 minutes security audit: Oracle Case (Paper),
Cesar
- PHP-Nuke <= 8.0 Cookie Manipulation (lang),
programmer
- Remote File Include In Script Premod SubDog 2,
RaeD Hasadya
- Remote File Include In Script SoftNews Media Group,
RaeD Hasadya
- Fıstıq Duyuru Scripti Remote Sql İnjection Exploit,
crazy_king
- WWWboard password disclosure,
r00t2000
- Grayscale <= 0.8.0 Multiple Vulnerabilities,
omnipresent
- Pre-open files attack agains locked file,
3APA3A
- [ECHO_ADV_68$2007] PMB Services <= 3.0.13 Multiple Remote File Inclusion Vulnerability,
erdc
- NukeSentinel <= 2.5.06 SQL Injection (mysql >= 4.0.24) Exploit,
gmdarkfig
- Re: [Full-disclosure] PHP import_request_variables() arbitrary variable overwrite,
Stefan Esser
- Re: PHP Classifieds 7.1 - Remote File Include Vulnerability,
support
- [ GLSA 200703-10 ] KHTML: Cross-site scripting (XSS) vulnerability,
Raphael Marichez
- [SECURITY] [DSA 1265-1] New Mozilla packages fix several vulnerabilities,
Martin Schulze
- Remote File Include In Script PHP Photo Album,
RaeD Hasadya
- [security bulletin] HPSBUX02129 SSRT061149 rev.2 - HP-UX running SLP, Remote Unauthorized Access,
security-alert
- Remote File Include In Script moodle-1.7.1,
RaeD Hasadya
- Remote File Include In ClipShare.v1.5.3,
RaeD Hasadya
- Wiki Remote Authentication Bypass Vulnerability,
DoZ
- AssetMan 2.4a <= (download_pdf.php) Remote File Disclosure Vulnerability,
BorN To K!LL BorN To K!LL
- Fantastico In all Version Cpanel 10.x <= local File Include,
z3r0 z3r0.2.z3r0
- GuppY v4.0 remote del files/index,
sn0oPy . team
- RIM BlackBerry Pearl 8100 Browser DoS,
clappymonkey
- [security bulletin] HPSBUX02196 SSRT071318 rev.2 - HP-UX Java (JRE and JDK) Remote Execution of Arbitrary Code,
security-alert
- [USN-435-1] Xine vulnerability,
Kees Cook
- [USN-436-1] KTorrent vulnerabilities,
Kees Cook
- [ECHO_ADV_69$2007] OES (Open Educational System) 0.1beta Remote File Inclusion Vulnerability,
erdc
- Iframe-Cash/Iframe-Dollars Adware bundle...oooh... my ....god..,
Thierry Zoller
- Call for Papers: DeepSec IDSC 2007 Europe/Vienna: 20-23 Nov 2007,
Paul Böhm
- Weekly Drawing Contest <= (check_vote.php) Remote File Disclosure Vuln,
BorN To K!LL BorN To K!LL
- [ECHO_ADV_73$2007] MySQL Commander <= 2.7 (home) Remote File Inclusion Vulnerability,
erdc
- [USN-432-2] GnuPG2, GPGME vulnerability,
Kees Cook
- JGBBS 3.0beta1 Version Search.ASP "Author" SQL Injection Exploit,
UniquE
- [ MDKSA-2007:061 ] - Updated mplayer packages to address buffer overflow vulnerability,
security
- [ MDKSA-2007:062 ] - Updated xine-lib packages to address buffer overflow vulnerability,
security
- CORE-2007-0219: OpenBSD's IPv6 mbufs remote kernel buffer overflow,
CORE Security Technologies Advisories
- [ GLSA 200703-11 ] Amarok: User-assisted remote execution of arbitrary code,
Raphael Marichez
- n.runs-SA-2007.006 - PHProjekt 5.2.0 - Privilege escalation,
security
- n.runs-SA-2007.005 - PHProjekt 5.2.0 - Cross Site Request Forgery,
security
- [SECURITY] [DSA 1266-1] New gnupg packages fix signature forgery,
Moritz Muehlenhoff
- n.runs-SA-2007.004 - PHProjekt 5.2.0 - Cross Site Scripting and Filter Evasion,
security
- n.runs-SA-2007.003 - PHProjekt 5.2.0 - SQL Injection,
security
- [ GLSA 200703-12 ] SILC Server: Denial of Service,
Matthias Geerdsen
- SEC Consult SA-20070314-0 :: Apache HTTP Server / Tomcat directory traversal,
David Matscheko
- SymEvent Driver Local Access System Denial of Service,
Matousec - Transparent security Research
- New report on Windows Vista network attack surface,
Jim Hoagland
- Fwd: Python 2.5 (Modules/zlib) minigzip local buffer overflow vulnerability,
starcadi starcadi
- iDefense Security Advisory 03.14.07: Trend Micro Antivirus UPX Parsing Kernel Divide by Zero Vulnerability,
iDefense Labs
- [ECHO_ADV_71$2007] AMP v3.2 (base_path) Remote File Inclusion Vulnerability,
erdc
- [ECHO_ADV_72$2007] CARE2X (root_path) Remote File Inclusion Vulnerability,
erdc
- [ECHO_ADV_74$2007] WebCreator <= 0.2.6-rc3 (moddir) Remote File Inclusion Vulnerability,
erdc
- WSN Guest 1.21 Version Comments.PHP "ID" SQL Injection Exploit,
UniquE
- Phishing using IE7 local resource vulnerability,
avivra
- [ GLSA 200703-13 ] SSH Communications Security's Secure Shell Server: SFTP privilege escalation,
Raphael Marichez
- Woltab Burning Board SQL Injection usergroups.php,
x666
- Horde 3.1.4 (RC1) fixes XSS issue,
Moritz Naumann
- [ECHO_ADV_76$2007] Company WebSite Builder PRO (INCLUDE_PATH) Remote File Inclusion Vulnerability,
erdc
- IBM Rational ClearQuest Web - Cross Site Scripting,
james
- [ECHO_ADV_75$2007] Groupit 2.00b5 (c_basepath) Remote File Inclusion Vulnerability,
erdc
- Orion-Blog v2.0 Version Remote Privilege Escalation Exploit,
UniquE
- Norton Insufficient validation of 'SymTDI' driver input buffer,
Matousec - Transparent security Research
- XSS vulnerability in the online help system of several Cisco products,
cassio
- Remote File Inclusion in ViperWeb,
asamad
- Horde IMP Webmail Client version H3 (4.1.4) fixes multiple XSS issues,
Moritz Naumann
- iDefense Security Advisory 03.15.07: Horde Project Cleanup Script Arbitrary File Deletion Vulnerability,
iDefense Labs
- PHP <= 4.4.6 ibase_connect() local buffer overflow,
retrog
- QFTP (LIBFtp 3.1-1) (command line) sprintf() local buffer overflow,
starcadi starcadi
- - Call for chapters - Handbook of Research on Digital Anti-forensics and In-security Governance,
Jeimy Cano
- LIBFtp 5.0 (sprintf(), strcpy()) Multiple local buffer overflow,
starcadi starcadi
- vbulletin admincp sql injection,
disfigure
- WebCalendar v0.9.45 (13 Dec 2004) (login.php) Remote File include,
drackanz
- PHP Point Of Sale for osCommerce <= (index.php) Remote File Include Vuln,
BorN To K!LL BorN To K!LL
- Absolute Image Gallery Gallery.ASP (categoryid) MSSQL Injection Exploit,
UniquE
- Re: [Full-disclosure] Woltab Burning Board SQL Injection usergroups.php,
Bastian Ahrens
- DirectAdmin Cross Site Scripting XSS,
Mandr4ke . root
- [SECURITY] [DSA 1267-1] New webcalendar packages fix remote file inclusion,
Moritz Muehlenhoff
- MS07-012 Not Fixed,
Greg Sinclair
- [CAID 34817, 35058, 35158, 35159]: CA BrightStor ARCserve Backup Tape Engine and Portmapper Vulnerabilities,
Williams, James K
- Rot 13 <= (enkrypt.php) Remote File Disclosure Vulnerability,
BorN To K!LL BorN To K!LL
- Oracle Portal PORTAL.wwv_main.render_warning_screen XSS,
Sea Shark
- RE: [VulnWatch] iDefense Security Advisory 03.14.07: Trend Micro Antivirus UPX Parsing Kernel Divide by Zero Vulnerability,
Topolski, Leo
- Re: fx-APP Version 0.0.8.1,
osdesk
- Call For Papers - IT Underground Dublin,
Marcin Tkaczyk
- April, 2007 is the "Month of Myspace Bugs",
mondo_armando
- iDefense Security Advisory 03.16.07: Multiple Vendor libwpd Multiple Buffer Overflow Vulnerabilities,
iDefense Labs
- Your Opinion,
Mark Litchfield
- Re: Your Opinion,
bugtraq
- Re: Your Opinion,
Jonathan Glass (GM)
- RE: Your Opinion,
Mario Contestabile
- Re: Your Opinion,
Crispin Cowan
- Re: Your Opinion,
William A. Rowe, Jr.
- RE: Your Opinion,
Scott Blake
- Re: Your Opinion,
The Fungi
- Re: Your Opinion,
Casper . Dik
- RE: Your Opinion,
Jim Harrison
- Re: Your Opinion,
Forrest J. Cavalier III
- Re: Your Opinion,
Paul Stepowski
- <Possible follow-ups>
- Re: Your Opinion,
Neil Dickey
- RE: Your Opinion,
jay.tomas
- RE: Your Opinion,
Neale Green
- Particle Blogger All Version Post.PHP (PostID) Remote SQL Injection Exploit,
UniquE
- rPSA-2007-0056-1 gnupg,
rPath Update Announcements
- rPSA-2007-0057-1 libwpd,
rPath Update Announcements
- [ MDKSA-2007:063 ] - Updated libwpd packages to address heap overflow vulnerabilities,
security
- [ MDKSA-2007:064 ] - Updated openoffice.org packages to address libwpd heap overflow vulnerabilities,
security
- Re: [Bogus] Lazarus Guestbook (admin.php)Remote File Include Expliot,
Steven M. Christey
- [NETRAGARD-20070316 SECURITY ADVISORY][FrontBase Database <= 4.2.7 ALL PLATFORMS][REMOTE BUFFER OVERFLOW CONDITION][LEVEL: EASY][RISK:MEDIUM],
Netragard Security Advisories
- [ GLSA 200703-14 ] Asterisk: SIP Denial of Service,
Raphael Marichez
- [ GLSA 200703-15 ] PostgreSQL: Multiple vulnerabilities,
Raphael Marichez
- [ GLSA 200703-16 ] Apache JK Tomcat Connector: Remote execution of arbitrary code,
Raphael Marichez
- Bypassing Mcafee Entreprise Password Protection,
thesinoda
- CLBOX <= (signup.php header) Remote File Include Vulnerability,
BorN To K!LL BorN To K!LL
- Your Opinion +,
Mark Litchfield
- Rhapsody IRC 0.28b (NICK) Multiple fs and bof vulnerability,
starcadi
- [SECURITY] [DSA 1268-1] New libwpd packages fix arbitrary code execution,
Martin Schulze
- Full Disclosure: Arbitrary execution vulnerability in SQL-Ledger and LedgerSMB,
Chris Travers
- Net Portal Dynamic System (NPDS) <= 5.10 Remote Code Execution 0day,
gmdarkfig
- [SECURITY] [DSA 1269-1] New lookup-el packages fix insecure temporary file,
Martin Schulze
- MetaForum <= 0.513 Beta - Remote file upload Vulnerability,
aeroxteam------nospam-----
- [ GLSA 200703-17 ] ulogd: Remote execution of arbitrary code,
Raphael Marichez
- [ GLSA 200703-18 ] Mozilla Thunderbird: Multiple vulnerabilities,
Raphael Marichez
- [ GLSA 200703-19 ] LTSP: Authentication bypass in included LibVNCServer code,
Raphael Marichez
- [ GLSA 200703-20 ] LSAT: Insecure temporary file creation,
Raphael Marichez
- Unclassified NewsBoard 1.6.3 multiples logs disclosure,
none
- Layered Defense Research Advisory: F-Secure Anti-Virus Client Security 6.02 Format String Vulnerability,
dh
- CCleaguePro_V1.0.1RC1 Directory Traversal Vulnerability,
snakeapollon
- phpx 3.5.15 multiples vulnerabilities,
none
- Conflict of Interest - My summary,
Mark Litchfield
- [Reversemode Advisory] Microsoft Windows Ndistapi.sys IRQL escalation,
Reversemode
- w-agora version 4.2.1 Multiple Path Disclosure Vulnerabilities,
jesper . jurcenoks
- w-agora version 4.2.1 Information Disclosure Vulnerability,
jesper . jurcenoks
- [USN-437-1] libwpd vulnerability,
Kees Cook
- ZynOS v3.40 One packet killer,
Joxean Koret
- Oracle 10g Dynamic Monitoring Services XSS /servlet/Spy,
Sea Shark
- Web Wiz Forums 8.05 (MySQL version) SQL Injection,
Ivan Fratric
- Advisory - Redirection Vulnerability in wp-login.php.,
Metaeye SG
- w-agora [multiples file upload,xss,full path disclosure,error sql],
none
- Microsoft coverup ? Stolen Xbox live accounts list of known victims - Please Help,
Kevin Finisterre (lists)
- Helix Server heap overflow,
research
- [SECURITY] [DSA 1271-1] New openafs packages fix remote privilege escalation bug,
Noah Meyerhans
- Linksys WAG200G - Information disclosure,
dniggebrugge
- [SECURITY] [DSA 1270-1] New OpenOffice.org packages fix several vulnerabilities,
Martin Schulze
- [ GLSA 200703-22 ] Mozilla Network Security Service: Remote execution of arbitrary code,
Raphael Marichez
- [ GLSA 200703-23 ] WordPress: Multiple vulnerabilities,
Raphael Marichez
- [ GLSA 200703-21 ] PHP: Multiple vulnerabilities,
Raphael Marichez
- [ MDKSA-2007:065 ] - Updated nas packages address multiple vulnerabilities,
security
- [ MDKSA-2007:066 ] - Updated OpenAFS packages address vulnerability,
security
- [USN-438-1] Inkscape vulnerability,
Kees Cook
- Secunia Research: InterActual Player / CinePlayer IASystemInfo.dll ActiveX Control Buffer Overflow,
Secunia Research
- Secunia Research: Evolution Shared Memo Categories Format String Vulnerability,
Secunia Research
- Secunia Research: XMMS Integer Overflow and Underflow Vulnerabilities,
Secunia Research
- [security bulletin] HPSBUX02156 SSRT061236 rev.2 - HP-UX Running Thunderbird, Remote Unauthorized Access or Elevation of Privileges or Denial of Service (DoS),
security-alert
- HPSBGN02189 SSRT071297 rev.2 - ServiceGuard for Linux, Remote Unauthorized Access,
security-alert
- Two new DoS Vulnerabilities in Asterisk Fixed,
Matt Riddell (NZ)
- **SubHub v2.3.0**,
anon
- [ECHO_ADV_77$2007] Study planner (Studiewijzer) <= 0.15 Remote File Inclusion Vulnerability,
erdc
- CFP for RAID 2007: Extended due date for papers: April 8th,
jeffh
- [USN-439-1] file vulnerability,
Kees Cook
- [USN-440-1] MySQL vulnerability,
Kees Cook
- rPSA-2007-0059-1 file,
rPath Update Announcements
- ManageEngine Firewall Analyzer arbitrary file disclosure to authorized user,
yearsilent
- Remote File Include In copyright © James Coyle; JCcorp,
RaeD Hasadya
- Remote File Include In Coppermine Photo Gallery,
RaeD Hasadya
- [ MDKSA-2007:067 ] - Updated file packages fix heap-based buffer overflow vulnerability,
security
- [NB07-22] Multiple vulnerabilities in NETxEIB OPC server,
Lluis Mora
- [NB07-17] Multiple vulnerabilities in Takebishi Electric DeviceXplorer SYSMAC OPC server,
Lluis Mora
- [NB07-07] Multiple vulnerabilities in Takebishi Electric DeviceXplorer HIDIC OPC server,
Lluis Mora
- [NB07-08] Multiple vulnerabilities in Takebishi Electric DeviceXplorer MELSEC OPC server,
Lluis Mora
- [SECURITY] [DSA 1272-1] New tcpdump packages fix denial of service,
Moritz Muehlenhoff
- [NB07-09] Multiple vulnerabilities in Takebishi Electric DeviceXplorer FA-M3 OPC server,
Lluis Mora
- [NB07-10] Multiple vulnerabilities in Takebishi Electric DeviceXplorer MODBUS OPC server,
Lluis Mora
- [ MDKSA-2007:068 ] - Updated squid packages fix DoS vulnerability,
security
- CRLF injection in PHP ftp function,
fangxiaodun
- [ MDKSA-2007:069 ] - Updated inkscape packages to format string vulnerability,
security
- iDefense Security Advisory 03.23.07: DataRescue IDA Pro Remote Debugger Server Authentication Bypass Vulnerability,
iDefense Labs
- iDefense Security Advisory 03.23.07: Sun Java System Directory Server 5.2 Uninitialized Pointer Cleanup Design Error Vulnerability,
iDefense Labs
- Joomla com_joomlaboard 1.1.x Branch (sbp) Multiple Remote File Include Vulnerabi,
Cold - Zero
- File Upload System V1.0 (AD_BODY_TEMP) multiple file include,
ngevedBangetAsli
- Remote File Include In phpBB-2.0.19,
RaeD Hasadya
- CcCounter 2.0 cross-site scripting vulnerability,
localexploit
- Path Disclosure - Wordpress 2.1.2,
lj
- Horde Webmail Multiple HTML Injection vulnerability,
DoZ
- Fizzle : Firefox Extension Vulnerability,
CrYpTiC MauleR
- Mephisto blog is vulnerable to XSS,
Sergey Tikhonov
- Satel Lite for PhpNuke (Satellite.php) <= Local File Inclusion,
stormhacker
- Multiple XSS in IronMail,
Javier Olascoaga
- Re: [Full-disclosure] XSS at Aon.at, Austrian ISP,
Nikolay Kichukov
- PHP 5.2.1 with PECL phpDOC local buffer overflow,
retrog
- Playstation 3 "Remote Play" Remote DoS Exploit,
mak0b
- Libero.it (italian ISP) XSS vulnerability,
rosario . valotta
- [USN-441-1] Squid vulnerability,
Kees Cook
- [USN-442-1] Evolution vulnerability,
Kees Cook
- [ GLSA 200703-24 ] mgv: Stack overflow in included gv code,
Raphael Marichez
- Xoops All Version -Articles- Print.PHP (ID) Blind SQL Injection Exploit And PoC,
UniquE
- Metasploit Framework 3.0 RELEASED!,
H D Moore
- [KAPDA::#64] - Flexbb Sql Injection,
alireza hassani
- [ECHO_ADV_78$2007] C-Arbre <= 0.6PR7 (root_path) Remote File Inclusion Vulnerability,
erdc
- [KDE Security Advisory] KDE ioslave PASV port scanning vulnerability,
Dirk Mueller
- Yahoo! Messenger Auth Bypass Vulnerability,
kishor . tech
- Linux Kernel DCCP Memory Disclosure Vulnerability,
Robert Święcki
- [ MDKSA-2007:070 ] - Updated evolution packages to address vulnerability,
security
- Buffer Overflow in InterVetions' NaviCopa HTTP server 2.01,
skillTube.com
- [SECURITY] [DSA 1273-1] New nas packages fix multiple remote vulnerabilities,
Noah Meyerhans
- [USN-443-1] Firefox vulnerability,
Kees Cook
- [USN-444-1] OpenOffice.org vulnerabilities,
Kees Cook
- [USN-445-1] XMMS vulnerabilities,
Kees Cook
- Bypass phishing protection in Firefox / Opera,
zonafirefox
- [USN-446-1] NAS vulnerabilities,
Kees Cook
- Corel Wordperfect Office X3 Stack Overflow,
jonny
- [Full-Disclosure] Another XSS vulnerability in italian Libero.it,
Matteo G.P. Flora
- iDefense Security Advisory 03.28.07: IBM Lotus Domino Web Access Cross Site Scripting Vulnerability,
iDefense Labs
- iDefense Security Advisory 03.28.07: IBM Lotus Domino Server LDAP Request Invalid DN Message Heap Overflow Vulnerability,
iDefense Labs
- ZDI-07-011: IBM Lotus Domino IMAP Server CRAM-MD5 Authentication Buffer Overflow Vulnerability,
zdi-disclosures
- Re: Multiple Vulnerabilities In osTicket,
eticket
- Re: [SECURITY ALERT] osTicket bugs,
eticket
- Re: SecurityVulns.com: Microsoft Visual C++ 8.0 standard library time functions invalid assertion DoS (Problem 3000).,
William A. Rowe, Jr.
- Cisco Security Advisory: Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities,
Cisco Systems Product Security Incident Response Team
- Denial of Service Vulnerabilities in TrueCrypt 4.3 Linux (re. bid 23180),
Tim Rees
- Update: ViewCVS and ViewVC 'checkout view' content type fixation issue,
Moritz Naumann
- [SECURITY] [DSA 1270-2] New OpenOffice.org packages fix several vulnerabilities,
Martin Schulze
- Arbitrary Command Execution in DataDomain Administrator Interface,
Elliot Kendall
- rPSA-2007-0061-1 inkscape,
rPath Update Announcements
- Re: [VulnWatch] Microsoft Windows Vista Slideshow Unspecified Blue Screen Of Death Vulnerability,
3APA3A
- Xoops Module Friendfinder <= 3.3 (view.php id) BLIND SQL Injection Exploit,
ajannhwt
- Advanced Login <= 0.7 (root) Remote File Inclusion Vulnerability,
bithedz
- Widespread vulnerabilities in Libero.it/Infostrada.it web portals,
rosario . valotta
- [Full-disclosure] [USN-447-1] KDE library vulnerabilities,
Kees Cook
- Re: Re: [Full-disclosure] Linux Kernel DCCP Memory Disclosure Vulnerability,
acme
- Windows Live Spaces logged user NetworkSetup.aspx cross site scripting,
paolo . difebbo
- AOL 9.0 Deskbar.dll/Toolbar.dll DoS Vulnerability,
Justin Seitz
- [ MDKSA-2007:071 ] - Updated xmms packages to address integer vulnerabilities,
security
- iDefense Security Advisory 03.29.07: IBM Lotus Sametime JNILoader Arbitrary DLL Load Vulnerability,
iDefense Labs
- [ MDKSA-2007:072 ] - Updated kdelibs packages to address FTP PASV issue in konqueror,
security
- [ GLSA 200703-25 ] Ekiga: Format string vulnerability,
Raphael Marichez
- [ MDKSA-2007:073 ] - Updated openoffice.org packages to address vulnerabilities,
security
- Mybb Change Password Vulnerability,
security
- 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038),
Alexander Sotirov
- CA Brightstor Backup Mediasvr.exe Remote Code Vulnerability,
M. Shirk
- VMSA-2007-0002 VMware ESX security updates,
VMware Security team
- DrakeCMS multiple vulerabilities,
security
- AIX 4.3 lsmcode local root command execution,
pr1nce_empire
- The Week Of Vista Bugs [TWOVB],
TWOVB Team
- [ECHO_ADV_80$2007] Softerra Time-Assistant <= 6.2 (inc_dir) Remote File Inclusion Vulnerability,
erdc
- ANI Zeroday, Third Party Patch,
Marc Maiffret
- [ GLSA 200703-26 ] file: Integer underflow,
Raphael Marichez
- Busting The Bluetooth Myth,
Max Moser
- TSRT-07-03: America Online SuperBuddy ActiveX Control Code Execution Vulnerability,
TSRT